Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/p_CKD44ElKXmYbNgyYA8ocN1lCY.roa
File: p_CKD44ElKXmYbNgyYA8ocN1lCY.roa (raw, json)
Hash identifier: qB4pHdQowp4nPfwE+kCMwslQVu4FWTUXU5OxaQzrRqs=
Subject key identifier: A7:F0:8A:0F:8E:04:94:A5:E6:61:B3:60:C9:80:3C:A1:C3:75:94:26
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 01891CA1D9BA164910E078CEDB8C63AE627C
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/p_CKD44ElKXmYbNgyYA8ocN1lCY.roa
Signing time: Mon 03 Jul 2023 16:41:56 +0000
ROA not before: Mon 03 Jul 2023 16:41:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56381
IP address blocks: 141.98.136.0/24 maxlen: 24
2a09:11c0:1000::/36 maxlen: 36
2a09:11c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:a1:d9:ba:16:49:10:e0:78:ce:db:8c:63:ae:62:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jul 3 16:41:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7f08a0f8e0494a5e661b360c9803ca1c3759426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:73:bf:7d:88:3a:90:7a:1c:bf:55:06:08:
27:e5:02:cc:36:ed:37:aa:b6:0a:3d:0e:40:83:3e:
5a:08:23:2c:c7:38:7a:24:fb:ee:27:1f:c9:ec:d8:
7d:5a:2b:e2:fc:92:8a:a2:40:11:2a:8d:b8:0e:af:
5a:1d:de:1d:06:94:d1:32:be:5a:58:83:64:69:03:
3d:f5:f5:c9:45:e2:eb:97:14:58:9c:a7:a6:6c:1b:
12:a2:b2:98:20:fc:3f:4e:09:40:36:23:5a:5c:8d:
99:26:82:70:74:d9:96:41:a9:5b:fa:cf:a9:ca:4c:
ba:0c:f4:7a:cf:0c:46:91:98:9c:96:66:9c:82:ec:
95:cd:c5:33:46:08:b9:6e:89:85:90:8d:ce:4c:0c:
a4:60:f6:cb:df:a1:98:cd:62:03:64:55:f3:37:e4:
7b:c9:b5:48:30:f1:c2:21:c5:e6:10:a2:7a:03:ad:
9c:55:9f:a3:86:68:3e:e8:26:84:9b:e5:df:8f:7a:
1d:d7:66:c2:b6:62:03:2a:3e:d4:4f:5a:32:20:22:
a7:4f:e9:66:76:13:62:d7:5d:5f:d9:72:d6:9c:37:
76:37:25:ce:65:e1:d9:5e:a2:5b:f0:2c:4f:e1:87:
b1:25:19:e4:46:e1:e8:cd:9e:83:2f:0a:45:ac:72:
38:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F0:8A:0F:8E:04:94:A5:E6:61:B3:60:C9:80:3C:A1:C3:75:94:26
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/p_CKD44ElKXmYbNgyYA8ocN1lCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.136.0/24
IPv6:
2a09:11c0::/48
2a09:11c0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
98:e7:e4:78:e6:58:a9:99:20:0e:14:c4:3e:15:4a:92:0f:a4:
dc:89:6c:42:4e:c3:55:49:28:c4:ba:1a:77:9c:e3:3a:59:69:
bd:4b:cb:dc:f0:7e:8b:67:5c:fa:9a:ce:14:12:f5:32:f9:9e:
99:16:6c:af:4d:86:92:9a:71:7d:04:82:4d:65:5c:97:88:d6:
b7:24:4a:8a:89:2a:7d:f6:7c:0e:9e:02:dc:79:a6:37:a0:6e:
4b:b9:bd:1d:81:6a:6c:da:f4:fb:8b:06:f4:97:16:44:15:a1:
25:12:61:16:7b:ad:a5:37:1c:b0:f0:6a:fd:82:93:e9:2c:38:
40:78:d7:7e:f3:e5:c0:9f:ad:3d:d8:09:8b:e5:d0:76:d7:ec:
78:53:65:fe:a6:1d:26:ba:a6:b7:da:2c:e2:eb:82:49:ca:38:
e4:d8:fc:8c:75:c6:54:60:d2:06:d9:5e:fc:c0:24:83:0e:2a:
b9:e6:32:02:7f:6f:60:cf:39:42:49:b8:52:26:41:d2:7a:b6:
b0:08:7a:60:ff:af:c0:27:e4:7c:9d:4d:44:cf:03:b1:cf:52:
49:ca:4a:57:8a:48:8f:98:37:c3:61:b7:e8:70:61:66:a2:41:
e2:7d:a9:87:ad:c5:33:5f:7d:e2:ff:fa:52:98:bb:a9:dd:29:
e5:35:63:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYkcodm6FkkQ4HjO24xjrmJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwNzAzMTY0MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2YwOGEwZjhlMDQ5NGE1ZTY2MWIzNjBjOTgwM2NhMWMzNzU5NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnNzv32IOpB6HL9VBggn5QLMNu03
qrYKPQ5Agz5aCCMsxzh6JPvuJx/J7Nh9Wivi/JKKokARKo24Dq9aHd4dBpTRMr5a
WINkaQM99fXJReLrlxRYnKembBsSorKYIPw/TglANiNaXI2ZJoJwdNmWQalb+s+p
yky6DPR6zwxGkZiclmacguyVzcUzRgi5bomFkI3OTAykYPbL36GYzWIDZFXzN+R7
ybVIMPHCIcXmEKJ6A62cVZ+jhmg+6CaEm+Xfj3od12bCtmIDKj7UT1oyICKnT+lm
dhNi111f2XLWnDd2NyXOZeHZXqJb8CxP4YexJRnkRuHozZ6DLwpFrHI4GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfwig+OBJSl5mGzYMmAPKHDdZQmMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvcF9DS0Q0NEVsS1htWWJOZ3lZQThvY04xbENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAjWKIMBcE
AgACMBEDBwAqCRHAAAADBgQqCRHAEDANBgkqhkiG9w0BAQsFAAOCAQEAmOfkeOZY
qZkgDhTEPhVKkg+k3IlsQk7DVUkoxLoad5zjOllpvUvL3PB+i2dc+prOFBL1Mvme
mRZsr02GkppxfQSCTWVcl4jWtyRKiokqffZ8Dp4C3HmmN6BuS7m9HYFqbNr0+4sG
9JcWRBWhJRJhFnutpTccsPBq/YKT6Sw4QHjXfvPlwJ+tPdgJi+XQdtfseFNl/qYd
Jrqmt9os4uuCSco45Nj8jHXGVGDSBtle/MAkgw4queYyAn9vYM85Qkm4UiZB0nq2
sAh6YP+vwCfkfJ1NRM8Dsc9SScpKV4pIj5g3w2G36HBhZqJB4n2ph63FM1994v/6
Upi7qd0p5TVjtg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:45 2025 by rpki-client